Filtered by vendor Sick Ag
Subscriptions
Filtered by product Tdc-x401gl
Subscriptions
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22912 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-19 | 4.3 Medium |
| Improper validation of a login parameter may allow attackers to redirect users to malicious websites after authentication. This can lead to various risk including stealing credentials from unsuspecting users. | ||||
| CVE-2026-22914 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-19 | 4.3 Medium |
| An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation. | ||||
| CVE-2026-22918 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-19 | 4.3 Medium |
| An attacker may exploit missing protection against clickjacking by tricking users into performing unintended actions through maliciously crafted web pages, leading to the extraction of sensitive data. | ||||
| CVE-2026-22908 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-19 | 9.1 Critical |
| Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality. | ||||
| CVE-2026-22913 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-19 | 4.3 Medium |
| Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login. This can lead to the extraction of sensitive data. | ||||
| CVE-2026-22911 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 5.3 Medium |
| Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device. | ||||
| CVE-2026-22909 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 7.5 High |
| Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, potentially disrupting system operations. | ||||
| CVE-2026-22916 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 4.3 Medium |
| An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration. | ||||
| CVE-2026-22919 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 3.8 Low |
| An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to the extraction of sensitive data. | ||||
| CVE-2026-22915 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 4.3 Medium |
| An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information. | ||||
| CVE-2026-22910 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 7.5 High |
| The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system. | ||||
| CVE-2026-22907 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 9.9 Critical |
| An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data. | ||||
| CVE-2026-22917 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 4.3 Medium |
| Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service. | ||||
| CVE-2026-22920 | 1 Sick Ag | 1 Tdc-x401gl | 2026-01-16 | 3.7 Low |
| The device's passwords have not been adequately salted, making them vulnerable to password extraction attacks. | ||||
Page 1 of 1.